public/mailcow-dockerized
1
0
Fork 0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2026-01-07 05:59:17 +00:00
Code Issues Releases Wiki Activity

Merge branch 'feat/mailcow-adm' into nightly

Browse Source
This commit is contained in:
FreddleSpl0it
2025-08-19 11:57:22 +02:00
parent ac90ecaf4f fed3fc9514
commit ed5be5d7dc
53 changed files with 3450 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
data/web/api/openapi.yaml
View File

@@ -5352,9 +5352,9 @@ paths:
started_at: "2019-12-22T21:00:01.622856172Z"
state: running
type: info
dockerapi-mailcow:
container: dockerapi-mailcow
image: "mailcow/dockerapi:1.36"
controller-mailcow:
container: controller-mailcow
image: "mailcow/controller:1.36"
started_at: "2019-12-22T20:59:59.984797808Z"
state: running
type: info

18
data/web/inc/functions.docker.inc.php
View File

@@ -4,12 +4,12 @@ function docker($action, $service_name = null, $attr1 = null, $attr2 = null, $ex
global $redis;
$curl = curl_init();
curl_setopt($curl, CURLOPT_HTTPHEADER,array('Content-Type: application/json' ));
// We are using our mail certificates for dockerapi, the names will not match, the certs are trusted anyway
// We are using our mail certificates for controller, the names will not match, the certs are trusted anyway
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
switch($action) {
case 'get_id':
curl_setopt($curl, CURLOPT_URL, 'https://dockerapi:443/containers/json');
curl_setopt($curl, CURLOPT_URL, 'https://controller:443/containers/json');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 0);
curl_setopt($curl, CURLOPT_TIMEOUT, $DOCKER_TIMEOUT);
@@ -35,7 +35,7 @@ function docker($action, $service_name = null, $attr1 = null, $attr2 = null, $ex
return false;
break;
case 'containers':
curl_setopt($curl, CURLOPT_URL, 'https://dockerapi:443/containers/json');
curl_setopt($curl, CURLOPT_URL, 'https://controller:443/containers/json');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 0);
curl_setopt($curl, CURLOPT_TIMEOUT, $DOCKER_TIMEOUT);
@@ -63,7 +63,7 @@ function docker($action, $service_name = null, $attr1 = null, $attr2 = null, $ex
break;
case 'info':
if (empty($service_name)) {
curl_setopt($curl, CURLOPT_URL, 'https://dockerapi:443/containers/json');
curl_setopt($curl, CURLOPT_URL, 'https://controller:443/containers/json');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 0);
curl_setopt($curl, CURLOPT_TIMEOUT, $DOCKER_TIMEOUT);
@@ -71,7 +71,7 @@ function docker($action, $service_name = null, $attr1 = null, $attr2 = null, $ex
else {
$container_id = docker('get_id', $service_name);
if (ctype_xdigit($container_id)) {
curl_setopt($curl, CURLOPT_URL, 'https://dockerapi:443/containers/' . $container_id . '/json');
curl_setopt($curl, CURLOPT_URL, 'https://controller:443/containers/' . $container_id . '/json');
}
else {
return false;
@@ -102,7 +102,7 @@ function docker($action, $service_name = null, $attr1 = null, $attr2 = null, $ex
}
}
else {
if (isset($decoded_response['Config']['Labels']['com.docker.compose.project'])
if (isset($decoded_response['Config']['Labels']['com.docker.compose.project'])
&& strtolower($decoded_response['Config']['Labels']['com.docker.compose.project']) == strtolower(getenv('COMPOSE_PROJECT_NAME'))) {
unset($container['Config']['Env']);
$out[$decoded_response['Config']['Labels']['com.docker.compose.service']]['State'] = $decoded_response['State'];
@@ -123,7 +123,7 @@ function docker($action, $service_name = null, $attr1 = null, $attr2 = null, $ex
if (!empty($attr1)) {
$container_id = docker('get_id', $service_name);
if (ctype_xdigit($container_id) && ctype_alnum($attr1)) {
curl_setopt($curl, CURLOPT_URL, 'https://dockerapi:443/containers/' . $container_id . '/' . $attr1);
curl_setopt($curl, CURLOPT_URL, 'https://controller:443/containers/' . $container_id . '/' . $attr1);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_TIMEOUT, $DOCKER_TIMEOUT);
if (!empty($attr2)) {
@@ -157,7 +157,7 @@ function docker($action, $service_name = null, $attr1 = null, $attr2 = null, $ex
}
$container_id = $service_name;
curl_setopt($curl, CURLOPT_URL, 'https://dockerapi:443/container/' . $container_id . '/stats/update');
curl_setopt($curl, CURLOPT_URL, 'https://controller:443/container/' . $container_id . '/stats/update');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_TIMEOUT, $DOCKER_TIMEOUT);
@@ -175,7 +175,7 @@ function docker($action, $service_name = null, $attr1 = null, $attr2 = null, $ex
return false;
break;
case 'host_stats':
curl_setopt($curl, CURLOPT_URL, 'https://dockerapi:443/host/stats');
curl_setopt($curl, CURLOPT_URL, 'https://controller:443/host/stats');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 0);
curl_setopt($curl, CURLOPT_TIMEOUT, $DOCKER_TIMEOUT);

10
data/web/inc/functions.inc.php
View File

@@ -488,6 +488,16 @@ function sys_mail($_data) {
'msg' => 'Mass mail job completed, sent ' . count($rcpts) . ' mails'
);
}
function get_remote_ip($use_x_real_ip = true) {
$remote = $_SERVER['REMOTE_ADDR'];
if ($use_x_real_ip && !empty($_SERVER['HTTP_X_REAL_IP'])) {
$remote = $_SERVER['HTTP_X_REAL_IP'];
}
if (filter_var($remote, FILTER_VALIDATE_IP) === false) {
$remote = '0.0.0.0';
}
return $remote;
}
function logger($_data = false) {
/*
logger() will be called as last function

3
data/web/inc/functions.mailbox.inc.php
View File

@@ -468,10 +468,11 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
':delete2duplicates' => $delete2duplicates,
':active' => $active,
));
$id = $pdo->lastInsertId();
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('mailbox_modified', $username)
'msg' => array('mailbox_modified', $username, $id)
);
break;
case 'domain':

14
data/web/inc/prerequisites.inc.php
View File

@@ -105,11 +105,11 @@ http_response_code(500);
<?php
exit;
}
// Stop when dockerapi is not available
if (fsockopen("tcp://dockerapi", 443, $errno, $errstr) === false) {
// Stop when controller is not available
if (fsockopen("tcp://controller", 443, $errno, $errstr) === false) {
http_response_code(500);
?>
<center style='font-family:sans-serif;'>Connection to dockerapi container failed.<br /><br />The following error was reported:<br/><?=$errno;?> - <?=$errstr;?></center>
<center style='font-family:sans-serif;'>Connection to controller container failed.<br /><br />The following error was reported:<br/><?=$errno;?> - <?=$errstr;?></center>
<?php
exit;
}
@@ -165,14 +165,6 @@ if(!$DEV_MODE) {
set_exception_handler('exception_handler');
}
// TODO: Move function
function get_remote_ip() {
$remote = $_SERVER['REMOTE_ADDR'];
if (filter_var($remote, FILTER_VALIDATE_IP) === false) {
return '0.0.0.0';
}
return $remote;
}
// Load core functions first
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.inc.php';

14
data/web/inc/sessions.inc.php
View File

@@ -68,7 +68,7 @@ if (!empty($_SERVER['HTTP_X_API_KEY'])) {
}
else {
$redis->publish("F2B_CHANNEL", "mailcow UI: Invalid password for API_USER by " . $_SERVER['REMOTE_ADDR']);
error_log("mailcow UI: Invalid password for " . $user . " by " . $_SERVER['REMOTE_ADDR']);
error_log("mailcow UI: Invalid password for API_USER by " . $_SERVER['REMOTE_ADDR']);
http_response_code(401);
echo json_encode(array(
'type' => 'error',
@@ -80,7 +80,7 @@ if (!empty($_SERVER['HTTP_X_API_KEY'])) {
}
else {
$redis->publish("F2B_CHANNEL", "mailcow UI: Invalid password for API_USER by " . $_SERVER['REMOTE_ADDR']);
error_log("mailcow UI: Invalid password for " . $user . " by " . $_SERVER['REMOTE_ADDR']);
error_log("mailcow UI: Invalid password for API_USER by " . $_SERVER['REMOTE_ADDR']);
http_response_code(401);
echo json_encode(array(
'type' => 'error',
@@ -90,6 +90,16 @@ if (!empty($_SERVER['HTTP_X_API_KEY'])) {
exit();
}
}
else {
$remote = get_remote_ip(false);
$docker_ipv4_network = getenv('IPV4_NETWORK');
if ($remote == "{$docker_ipv4_network}.246") {
$_SESSION['mailcow_cc_username'] = 'Controller';
$_SESSION['mailcow_cc_role'] = 'admin';
$_SESSION['mailcow_cc_api'] = true;
$_SESSION['mailcow_cc_api_access'] = 'rw';
}
}
// Handle logouts
if (isset($_POST["logout"])) {

12
data/web/sogo-auth.php
View File

@@ -23,7 +23,16 @@ if (isset($_SERVER['PHP_AUTH_USER'])) {
elseif (preg_match('/^(\/SOGo|)\/Microsoft-Server-ActiveSync.*/', $original_uri) === 1) {
$is_eas = true;
}
$login_check = check_login($username, $password, array('dav' => $is_dav, 'eas' => $is_eas));
if (empty($password)) {
$remote = get_remote_ip();
$docker_ipv4_network = getenv('IPV4_NETWORK');
if ($remote == "{$docker_ipv4_network}.246") {
$login_check = 'user';
$password = file_get_contents("/etc/sogo-sso/sogo-sso.pass");
}
} else {
$login_check = check_login($username, $password, array('dav' => $is_dav, 'eas' => $is_eas));
}
if ($login_check === 'user') {
header("X-User: $username");
header("X-Auth: Basic ".base64_encode("$username:$password"));
@@ -79,6 +88,7 @@ elseif (isset($_SERVER['HTTP_X_ORIGINAL_URI']) && strcasecmp(substr($_SERVER['HT
if (file_exists($_SERVER['DOCUMENT_ROOT'] . '/inc/vars.local.inc.php')) {
include_once $_SERVER['DOCUMENT_ROOT'] . '/inc/vars.local.inc.php';
}
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.inc.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/sessions.inc.php';
// extract email address from "/SOGo/so/user@domain/xy"